Nothing Special   »   [go: up one dir, main page]

CN109558739A - Program operating method, device, terminal and readable medium - Google Patents

Program operating method, device, terminal and readable medium Download PDF

Info

Publication number
CN109558739A
CN109558739A CN201710884605.5A CN201710884605A CN109558739A CN 109558739 A CN109558739 A CN 109558739A CN 201710884605 A CN201710884605 A CN 201710884605A CN 109558739 A CN109558739 A CN 109558739A
Authority
CN
China
Prior art keywords
sdk
program
host program
server
key
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201710884605.5A
Other languages
Chinese (zh)
Other versions
CN109558739B (en
Inventor
冯广图
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Tencent Technology Shenzhen Co Ltd
Original Assignee
Tencent Technology Shenzhen Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Tencent Technology Shenzhen Co Ltd filed Critical Tencent Technology Shenzhen Co Ltd
Priority to CN201710884605.5A priority Critical patent/CN109558739B/en
Publication of CN109558739A publication Critical patent/CN109558739A/en
Application granted granted Critical
Publication of CN109558739B publication Critical patent/CN109558739B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/606Protecting data by securing the transmission between two devices or processes
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/46Multiprogramming arrangements
    • G06F9/48Program initiating; Program switching, e.g. by interrupt
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/46Multiprogramming arrangements
    • G06F9/54Interprogram communication

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Stored Programmes (AREA)
  • Telephonic Communication Services (AREA)

Abstract

This application discloses a kind of program operating method, device, terminal and readable mediums, belong to information security field.The described method includes: host program starts the first process when receiving program enabling signal;Host program is independently of the process except the first process by corresponding second process of the first process initiation SDK, the second process;When receiving function using signal, host program calls the api interface of SDK offer by the first process;Second process obtains target data from server according to calling;Second process provides program function to the first process according to target data.The application by by corresponding second process of SDK independently of corresponding first process of host except, it solves in the related technology since SDK is run in host process, the technical issues of host program can relatively easily crack SDK, since host program can only use the program function of SDK by the api interface for calling SDK to provide, and corresponding second process of SDK cannot be directly accessed, therefore improve the safety of SDK.

Description

Program operating method, device, terminal and readable medium
Technical field
This application involves information security field, in particular to a kind of program operating method, device, terminal and readable medium.
Background technique
SDK (Software Development Kit, software tool development kit) is a kind of for when establishing application software Developing instrument set.In general, software vendor is by some basic program function packages, and API is provided out by SDK and is connect Mouthful.
For example, SDK is supplied to software vendor B by software vendor A, software vendor B can carry out secondary development based on SDK, It is developed based on the host program of the SDK.After host program starting, the related process of SDK is operated in host process by terminal In, SDK is sightless to ordinary user.Ordinary user is made only it is observed that the operation of host process based on host process With the various functions of host process.
Since SDK is operated in host process, if host program is developed by malicious persons, pass through host It is to be relatively easy to that program, which crack to SDK,.For example, SDK can interact some significant datas with server, host program holds very much Easily listen to these significant datas.
Summary of the invention
The embodiment of the invention provides a kind of program operating method, device, terminal and readable mediums, solve the prior art Problem.The technical solution is as follows:
In a first aspect, provide a kind of program operating method, applied in the terminal for being equipped with host program, the host Program is that the program of secondary development is carried out based on SDK, which comprises
When receiving program enabling signal, the host program starts the first process;
The host program is by corresponding second process of SDK described in first process initiation, second process Independently of the process except first process;
When receiving function using signal, the host program calls the SDK to provide by first process Api interface;
Second process obtains target data according to described call from server;
Second process provides program function to first process according to the target data.
Second aspect provides a kind of program running gear, applied to include host program module terminal in, the dress It sets including the host program module and SDK module, the host program module is to carry out secondary development based on the SDK module Program module, operation has the first process in the host program module, and operation has the second process in the SDK module, described Except second process is independently of first process;
The host program module, for starting first process when receiving program enabling signal;By described Second process described in first process initiation;When receiving function using signal, the SDK is called to mention by first process The api interface of confession;
The SDK module, for obtaining target data according to described call from server by second process;According to The target data provides program function to first process.
The third aspect provides a kind of terminal, and the terminal includes processor and memory, is stored in the memory At least one instruction, at least a Duan Chengxu, code set or instruction set, at least one instruction, an at least Duan Chengxu, institute Code set or instruction set is stated to be loaded by the processor and executed to realize program operating method as described in relation to the first aspect.
Fourth aspect provides a kind of computer readable storage medium, which is characterized in that is stored in the storage medium At least one instruction, described instruction are loaded by processor and are executed to realize program operating method as described in relation to the first aspect.
Technical solution provided in an embodiment of the present invention has the benefit that
By by corresponding second process of SDK independently of corresponding first process of host except, solve in the related technology Since SDK is run in host process, the technical issues of host program can relatively easily crack SDK, due to host's journey Sequence can only by call SDK provide api interface use SDK program function, and cannot directly access SDK corresponding second into Journey, therefore host program can not listen to the data packet communicated between the operating condition and SDK and server of SDK, improve The safety of SDK.
Detailed description of the invention
To describe the technical solutions in the embodiments of the present invention more clearly, make required in being described below to embodiment Attached drawing is briefly described, it should be apparent that, drawings in the following description are only some embodiments of the invention, for For those of ordinary skill in the art, without creative efforts, it can also be obtained according to these attached drawings other Attached drawing.
Fig. 1 is the schematic diagram of implementation environment involved in the program operating method of the application one embodiment offer;
Fig. 2 is the method flow diagram for the program operating method that the application one embodiment provides;
Fig. 3 is the block diagram for the host program that the application one embodiment provides;
Fig. 4 is the host program that the application one embodiment provides and the interaction schematic diagram of SDK;
Fig. 5 is the method flow diagram for the program operating method that another embodiment of the application provides;
Fig. 6 is the method flow diagram for the program operating method that another embodiment of the application provides;
Fig. 7 is the method flow diagram for the program operating method that another embodiment of the application provides;
Fig. 8 is the device block diagram for the program running gear that the application one embodiment provides;
Fig. 9 is the structural block diagram for the terminal that the application one embodiment provides.
Specific embodiment
To make the object, technical solutions and advantages of the present invention clearer, below in conjunction with attached drawing to embodiment party of the present invention Formula is described in further detail.
Several nouns involved in the application are introduced first:
SDK (Software Development Kit, software tool development kit): being a kind of for when establishing application software Developing instrument set.In general, software vendor is by some basic program function packages, and api function is provided out by SDK Interface.
Host program: being the program that SDK is integrated after the secondary development of program development side, since SDK is built in the program, Therefore the program is referred to as host program by image.
Api interface (Application Programming Interface): being the preset function of SDK, for being based on The host program of SDK provides the function interface of the program function of access SDK.
Symmetric key: also known as private key encryption, that is, the both sides for sending and receiving data use identical key pair plaintext Operation is encrypted and decrypted.Symmetric key encryption algorithm specifically includes that DES (Data Encryption Standard, data Encryption standard), 3DES (Triple DES, triple data encryption algorithm), IDEA (International Data Encryption Algorithm, international data encryption algorithm), FEAL (Fast Data Encipherment Algorithm, Block encryption algorithm), Blowfish (symmetric key block encryption algorithm) etc..
Asymmetric cryptographic key: including one group of public key (Public Key) and private key (Private Key), public key refers to public affairs The key opened does not need to maintain secrecy, and decryption side can obtain through various channels;And private key refers to and is only held by encryption side itself Some keys, maintain secrecy.
Socket interface: being a kind of api interface, encapsulates to ICP/IP protocol.
JCE (Java Cryptography Extension): encryption, key generates and negotiation functionality for providing for one kind Data packet, can provide the encryption to symmetrical, asymmetric, block and stream cipher support.
GUID (Globally Unique Identifier, globally unique identifier): being a kind of two generated by algorithm System length is the numeric identifier of 128 (being also likely to be other digits).GUID is mainly used for possessing multiple nodes, more In the network or system of computer, one equipment of unique identification.In the ideal case, any computer and computer cluster be not Two identical GUID can be generated.
Root (highest operation permission): Root user is the super keepe in operating system with highest permission, tool It is equal to the permission of operating system.
Simulator (Simulator): also known as emulator refers to the main function by software analog hardware processor and refers to The program for enabling system run electronic computer or other terminals (tablet computer, mobile terminal) can in other terminals Software.
Referring to FIG. 1, implementation environment involved in the program operating method provided it illustrates the application one embodiment Schematic diagram, as shown in Figure 1, the implementation environment include: SDK provider 110, host program exploitation side 120, host program publication Platform 130 and terminal 140.Between SDK provider 110 and host program exploitation side 120 can by wired or wireless network into Row connection, can be connected between host program exploitation side 120 and host program distribution platform 130 by wired or wireless network It connects.Wherein, SDK provider 110 is for generating SDK, and the SDK is sent to host program exploitation side 120, and SDK provider can To be the server of SDK provider.Host program exploitation side 120 can be the terminals such as mobile phone, tablet computer, computer, It is also possible to work station, server etc..Host program distribution platform 130 is for issuing host program, for example, the host program is sent out Cloth platform 130 can be application platform Apple Store of Apple Inc., Google application platform Google Play, rise Application platform application treasured of news company etc..Terminal 140 is used to download host program from host program distribution platform 130 and run The host program, terminal 140 can be mobile phone, tablet computer, computer, personal digital assistant etc..
Referring to FIG. 2, the method flow diagram of the program operating method provided it illustrates the application one embodiment.This reality Example is applied so that the program operating method is applied in terminal 140 as shown in Figure 1 as an example, this method comprises:
In step 201, when receiving program enabling signal, host program starts the first process.
When user needs using host program, user clicks the icon of host program, and host program receives user and clicks The enabling signal that icon generates starts the first process.Wherein, the first process is operate in the journey that in host program and SDK is provided The relevant process of sequence function.
In step 202, for host program by corresponding second process of the first process initiation SDK, the second process is independent Process except the first process.
After the first process initiation, corresponding second process of the first process initiation SDK, wherein the second process is operate in In SDK, and independently of the process except the first process.
In step 203, when receiving function using signal, host program calls SDK to provide by the first process Api interface.
When the program function that user needs to provide using SDK, the relevant program function icon of host program, host are clicked Program receives the function that user's click program function icon generates and uses signal, is connect by the API that the first process calls SDK to provide Mouthful.Wherein, which is some program function icon in host program, the journey which provides Sequence function is the program function provided based on SDK, is not referred to all program functions in host program.
As shown in figure 3, in the present embodiment, SDK is packaged to host program opening API interface, SDK corresponding Independently with server communication, the api interface that host program can call SDK to provide by corresponding first process obtains two processes The relative program function of SDK.
For example, having and connecting automatically as shown in figure 4, host program is a application program for having automatic connection Wi-Fi Connect the function of Wi-Fi.The host program can be write using Jave language, and corresponding first process of the host program can be one A Java process, and SDK can provide the function of automatic connection Wi-Fi by running Native process, provide host program Api interface between Java process and the Native process of SDK can be Socket interface.Optionally, api interface further includes one Group JCE data packet, for providing, encryption, key generates and negotiation functionality.
In step 204, the second process obtains target data from server according to calling.
Corresponding second process of SDK obtains target data from server, due to the second process according to the calling of the first process The process being independently of except the first process, therefore host program can not monitor the friendship of the data between the second process and server It changes.
For example, as shown in figure 4, target data can be the corresponding Wi-Fi password of wireless router.Host program is corresponding Java process initiation Wi-Fi list scan, the specified Wi-Fi function of Native process is called by Socket interface, and SDK is corresponding Native process by connecting and communicating with server, obtain Wi-Fi password from server, which passed through into Map Caching, and upper corresponding wireless router is connected by the Wi-Fi password.Wherein, password only occur and be stored in Native into Cheng Zhong, Java process can not access and monitor Native process.
In step 205, the second process provides program function to the first process according to target data.
Corresponding second process of SDK executes program function by the target data obtained from server, and host program is corresponding The first process by from api interface get the second process provide program function, execute host program corresponding first into Journey.
For example, as shown in figure 4, sending after the upper Wi-Fi of Native process connection to Java process for connection without route By device information, Java process is connected automatically to the corresponding no route of Wi-Fi password using Native process by Socket interface By device, the function of automatic connection Wi-Fi is realized.After realizing automatic connection radio router function, Native process is raw It is added in operating system at Wificonfig file by Binder (interprocess communication), Java process passes through Wificonfig File monitors Wi-Fi connection status.
In conclusion in the embodiment of the present application, by by corresponding second process of SDK independently of host corresponding first into It except journey, solves in the related technology since SDK is run in host process, host program can be relatively easily broken to SDK The technical issues of solution, since host program can only use the program function of SDK by the api interface for calling SDK to provide, and cannot Directly corresponding second process of access SDK, therefore host program can not listen to the operating condition and SDK and server of SDK Between the data packet that communicates, improve the safety of SDK.
Referring to FIG. 5, the method flow diagram of the program operating method provided it illustrates another embodiment of the application.This Embodiment by the program operating method be applied to terminal 140 as shown in Figure 1 in for, this method comprises:
In step 501, when receiving program enabling signal, host program starts the first process
When user needs using host program, user clicks the icon of host program, and host program receives user and clicks The enabling signal that icon generates starts the first process.Wherein, the first process is operate in host program and SDK provides program The relevant process of function.
In step 502, host program initializes the api interface of SDK.
Before the api interface that host program calls SDK, host program carries out initial firstly the need of the api interface to SDK Change, during initialization, one section of code in SDK operates in corresponding first process of host program, for detecting it Running environment whether there is security risk.
Optionally, SDK whether there is security risk, including step 503 to step by the first process detection running environment At least one step in 505 3 steps.The present embodiment with include all three steps illustrate.
In step 503, SDK detects whether current account number in terminal obtains highest operation permission.
Whether current account number corresponding to SDK detection terminal obtains highest operation permission, that is, judge currently to log in is Whether the account that unites is Root account, and since Root account has systematic highest permission, host system can connect around API Mouth directly accesses and monitors the second process of SDK, to have security risk.
Therefore, when api interface of the host program to SDK initializes, SDK needs to detect whether current account number obtains Highest runs permission, if testing result is that current account number obtains highest and runs permission, enters step 506b.If detection knot Fruit is that current account number does not obtain highest operation permission, then enters step 503, or enter step 506a.
In an alternative embodiment, due to obtain highest operation permission terminal can generate a SU binary system can File is executed, SDK judges whether current account number obtains most by the way that whether detection terminal has SU binary executable Height operation permission.
In step 504, SDK detects whether terminal is the virtual terminal of simulator.
SDK detects whether terminal is the virtual terminal of simulator.By the virtual terminal of simulator can around according to The Internet Security Standard that bad hardware plays a role, for example, host program can directly access and monitor the second of SDK around API Process, to have security risk.
Therefore, when initializing to api interface, SDK needs to detect whether current account number is the virtual terminal of simulator, If testing result is the virtual terminal of simulator for present terminal, 506b is entered step;If testing result is present terminal It is not the virtual terminal of simulator, then enters step 505, or enter step 506a.
In an alternative embodiment, SDK is by calling the hardware component of terminal to judge whether terminal is simulator institute Virtual terminal, for example the hardware component of the terminals such as sensor, camera, gyroscope, bluetooth is called, if malloc failure malloc, Determine that terminal is the virtual terminal of simulator;If calling successfully, it is determined that terminal is entity hardware.
In step 505, SDK detects whether corresponding first process of host program is tracked.
Whether corresponding first process of SDK detection host program and/or the related process of SDK are tracked, if host's journey Corresponding first process of sequence is tracked, then when the first process calls api interface, is likely to result in information leakage, has safety Hidden danger.If SDK detects host program, corresponding first process is tracked, and enters step 505b;If SDK detects host's journey Corresponding first process of sequence is not tracked, then enters step 506a.
The system that tracing program Strace is commonly used to when tracking process executes is called and received signal.In Linux system System or android system in, process cannot direct access hardware devices, when process need access hardware devices (such as receive net Network data etc.) when, it is necessary to kernel mode is switched to by user mode, access hardware devices, Strace program are called by system The system that a process generates can be traced into call, including parameter, return value, the time for executing consumption etc., therefore, when first When process is tracked, Strace program can obtain the information saved in SDK around api interface.
In an alternative embodiment, SDK is by detecting whether terminal there is tracked information to judge that host program is corresponding The first process whether be tracked, if having tracked information, it is determined that corresponding first process of host program is tracked;If not having There is tracked information, it is determined that corresponding first process of host program is not tracked.
In step 506a, SDK passes through first the second process of process initiation.
After determining that currently running environment does not have security risk, SDK passes through first the second process of process initiation.
In step 506b, api interface initialization failure.
Meet after api interface of the host program to SDK initializes any one following, it is determined that at the beginning of api interface Beginningization failure: current account number obtains highest operation permission, the terminal terminal virtual for simulator, or, host program is corresponding The first process be tracked.
If api interface initialization failure, SDK returns to initialization failure information, host program corresponding the to host program One process is not capable of calling the api interface of SDK.
In step 507, when receiving function using signal, host program calls SDK to provide by the first process Api interface.
When the program function that user needs to provide using SDK, the relevant program function icon of host program, host are clicked Program receives the function that user's click program function icon generates and uses signal, is connect by the API that the first process calls SDK to provide Mouthful.Wherein, which is some program function icon in host program, the journey which provides Sequence function is the program function provided based on SDK, is not referred to all program functions in host program.
In step 508, for the second process according to calling from server acquisition target data, the second process is independently of first Process except process.
Corresponding second process of SDK obtains target data from server according to the calling of the first process.Optionally, target Data are related with the program function that SDK is provided, and target data is confidential data.Wherein, second process be independently of first into Process except journey.
In step 509, the second process provides program function to the first process according to target data.
Corresponding second process of SDK executes program function by the target data obtained from server, and host program is corresponding The first process by from api interface get the second process provide program function, execute host program corresponding first into Journey.
Illustratively, the operating system of terminal is android system, and corresponding second process of SDK is Native process, should Native process receives the primary insulation blocking of operating system and reinforcement protection, and the first process corresponding to host process can not visit Ask or listen to the operating condition in relation to the second process.
In conclusion in the embodiment of the present application, by by corresponding second process of SDK independently of host corresponding first into It except journey, solves in the related technology since SDK is run in host process, host program can be relatively easily broken to SDK The technical issues of solution, since host program can only use the program function of SDK by the api interface for calling SDK to provide, and cannot Directly corresponding second process of access SDK, therefore host program can not listen to the operating condition and SDK and server of SDK Between the data packet that communicates, improve the safety of SDK.
Further, in the embodiment of the present application, by right before corresponding first process of host program calls api interface Whether api interface initialization has peace by the running environment of the corresponding first process detection api interface of host program by SDK Full hidden danger solves under the running environment with security risk, and host program calls safety caused by the api interface of SDK Potential problem further improves the safety of SDK.
It in an alternative embodiment, can be by " non-when corresponding second process of SDK is communicated with server The mode that symmetric cryptography and symmetric cryptography " combines carries out.Wherein, asymmetric encryption is for corresponding second process of SDK and service Negotiate encryption key between device, symmetric cryptography for the session data packet between the second process corresponding to SDK and server into Row encryption.
Referring to FIG. 6, the method flow diagram of the program operating method provided it illustrates another embodiment of the application.This Embodiment by the program operating method be applied to terminal 140 as shown in Figure 1 in for, this method comprises:
In step 601, when receiving program enabling signal, host program starts the first process
When user needs using host program, user clicks the icon of host program, and host program receives user and clicks The enabling signal that icon generates starts the first process.Wherein, the first process is operate in host program and SDK provides program The relevant process of function.
In step 602, host program passes through corresponding second process of the first process initiation SDK
After the first process initiation, corresponding second process of the first process initiation SDK, wherein the second process is operate in In SDK, and independently of the process except the first process.
In step 603, when receiving function using signal, host program calls SDK to provide by the first process Api interface.
When the program function that user needs to provide using SDK, the relevant program function icon of host program, host are clicked Program receives the function that user's click program function icon generates and uses signal, is connect by the API that the first process calls SDK to provide Mouthful.Wherein, program function icon is some program function icon in host program, the program which provides Function is the program function provided based on SDK, is not referred to all program functions in host program.
In step 604, the second process detection symmetric cryptographic key whether there is.
In corresponding second process of SDK according to calling before server acquisition target data, the second process is needed to SDK Symmetric cryptographic key between server is detected.
Firstly, whether there is symmetric cryptographic key in the second process detection SDK, and if it exists, then enter step 605 or step 612;If it does not exist, then 606 are entered step.
In step 605, the second process detection symmetric cryptographic key there are durations whether to reach default effective time.
Usually, symmetric cryptographic key too long can increase the chance that cracks to attacker using the time.In order to guarantee to pacify Entirely, symmetric cryptographic key has certain timeliness, if it exceeds timeliness, then symmetric key can fail, and need to regenerate at this time Symmetric key.
Therefore, whether duration existing for the symmetric cryptographic key in the second process detection SDK reaches preset effective time; If so, entering step 606;If it is not, then entering step 612.
In step 606, the second process generates random number.
If the second process does not detect symmetric cryptographic key in SDK, and/or, pair of second process detection into SDK Claim encryption key to reach default effective time, then generate a random number, the random number by as symmetrical in this session plus Key.
In step 607, the second process encrypts random number by the private key in asymmetric encryption, obtains first and adds Close result.
Second process, to random number encryption, obtains the first encrypted result by the private key in asymmetric encryption in SDK.This Shen Please in embodiment, SDK to the information that server is sent by the private key encryption in asymmetric encryption in SDK, by being stored in clothes The public key decryptions being engaged in the asymmetric encryption at device end.When host program exploitation side obtains SDK from SDK provider, wrapped in SDK Public key storage containing the private key in asymmetric encryption, and in asymmetric encryption is in the server.
Unsymmetrical key includes one group of public key and private key.Public key refers to disclosed key, does not need to maintain secrecy, decryption side It can obtain through various channels;And private key refers to the key only held by encryption side itself, maintains secrecy.One public key A corresponding private key;Public key and private key have collectively constituted a kind of asymmetric encryption mode.Asymmetric encryption mode, which refers to, uses public key The information of encryption can only be decrypted with corresponding private key, can only also be solved with corresponding public key using the information of private key encryption It is close.That is, the key that encryption and decryption use is different.
Such as: it is assumed that A will send encryption information to B, then A first has to obtain public key corresponding with B, then uses and B pairs After the information that the public key answered sends needs encrypts, encrypted information is sent to B, B is in the encryption for receiving A transmission Information after, it is necessary to the information of encryption can be just decrypted, be obtained interior in the information of encryption using private key corresponding with B Hold.Since private key corresponding with B only has B oneself to possess, the information for the encryption that A is sent is safe.
In step 608, the first encrypted result is sent to server by the second process.
It, will after second process obtains the first encrypted result to random number encryption by the private key in asymmetric encryption in SDK First encrypted result is sent to server by wired or wireless network.
After server obtains the first encrypted result, by storing the public key in asymmetric encryption in the server to first Encrypted result decryption, obtains decrypted result.And according to the random number in decrypted result as key to be verified, and will be to be verified close Key and the session identification of this session are by obtaining the second encrypted result after the public key encryption in asymmetric encryption.
Wherein, the corresponding session identification of each session and a symmetric key of the second process and server.
In step 609, the second process receives the second encrypted result that server is sent.
After key to be verified and session identification are passed through the public key encryption in asymmetric encryption by server, the second encryption is obtained As a result after, the second encrypted result is sent to corresponding second process of SDK by wired or wireless network.
In step 610, the second process is decrypted the second encrypted result by asymmetric encryption private key, obtains session Mark and key to be verified.
Corresponding second process of SDK is decrypted the second encrypted result by the private key in asymmetric encryption, is understood Words mark and key to be verified.
In step 611, key to be verified is determined as by the second process when determining random number and cipher key match to be verified The symmetric cryptographic key of this session.
Corresponding second process of SDK after obtaining key to be verified, determine key to be verified whether with nonces match ( I.e. whether the two is identical), if key to be verified and nonces match, add the key to be verified as the symmetrical of this session Key.
In step 612, it whether there is GUID in the second process detection terminal.
It whether there is the corresponding GUID of terminal in second process detection server.Wherein, GUID is that server passes through algorithm The corresponding unique identification of the terminal of generation, server end establish session with SDK by GUID identification terminal.If the second process does not have It detects the corresponding GUID of terminal, then enters step 613;If the second process detection is entered step to the corresponding GUID of terminal 614。
In step 613, the facility information of terminal is sent to server by the second process.
If GUID is not present in terminal, facility information is sent to server by the second process, and server is according to facility information The GUID of registration terminal, wherein facility information includes but is not limited to: device identification, OS Type, operating system version Number, the type of current online environment, at least one of be currently located geographical location.
In step 614, the second process obtains target by the encrypted session connection of symmetric cryptographic key, from server Data.
It after second process obtains the symmetric cryptographic key of this session, sends and requests to server, the request is for clothes Device request transmission target data of being engaged in is added target data by symmetric cryptographic key after server receives the request of the second process Corresponding second process of SDK is sent to after close.
In step 615, the second process provides program function to the first process according to target data.
After second process obtains the encrypted target data of symmetric cryptographic key, by symmetric cryptographic key to encrypted Target data is decrypted, and obtains target data, provides program function to the first process by target data.
For example, target data can be the corresponding Wi-Fi password of wireless router.Second process is asked to server transmission It asks, which is that request server sends the corresponding Wi-Fi password of wireless router, and server receives the request of the second process, The second process will be sent to after Wi-Fi password encryption by symmetric cryptographic key, the second process obtains encrypted Wi-Fi password Encrypted Wi-Fi password is decrypted by symmetric cryptographic key afterwards, obtains the corresponding Wi-Fi password of wireless router, and lead to It crosses the Wi-Fi password to connect with corresponding wireless router, the first process is real by corresponding second process of SDK by api interface The now function that automatically and wirelessly router connects.
In conclusion in the embodiment of the present application, by by corresponding second process of SDK independently of host corresponding first into It except journey, solves in the related technology since SDK is run in host process, host program can be relatively easily broken to SDK The technical issues of solution, since host program can only use the program function of SDK by the api interface for calling SDK to provide, and cannot Directly corresponding second process of access SDK, therefore host program can not listen to the operating condition and SDK and server of SDK Between the data packet that communicates, improve the safety of SDK.
Further, in the embodiment of the present application, by by rivest, shamir, adelman in conjunction with symmetric encipherment algorithm, Mei Geyi Asymmetric encryption is used to negotiate encryption key between corresponding second process of SDK and server by the section time, and symmetric cryptography is used for Session data packet between the second process corresponding to SDK and server encrypts, solve each session only pass through it is non-right Claim computationally intensive problem caused by encryption, or, session only passes through the low problem of security performance caused by symmetric cryptography every time, Asymmetric encryption private key on the basis of calculation amount is small improves the peace of session between corresponding second process of SDK and server Quan Xing.
Referring to FIG. 7, the method flow diagram of the program operating method provided it illustrates another embodiment of the application.This Embodiment by the program operating method be applied to terminal 140 as shown in Figure 1 in for, this method comprises:
In step 701, when receiving program enabling signal, host program starts the first process
When user needs using host program, user clicks the icon of host program, and host program receives user and clicks The enabling signal that icon generates starts the first process.Wherein, the first process is operate in host program and SDK provides program The relevant process of function.
In a step 702, host program initializes the api interface of SDK.The API of SDK is called to connect in host program Before mouthful, host program is initialized firstly the need of the api interface to SDK, during initialization, one section in SDK Code operates in corresponding first process of host program, for detecting its running environment with the presence or absence of security risk.
Optionally, SDK whether there is security risk, including step 703 to step by the first process detection running environment At least one step in 705 3 steps.The present embodiment with include all three steps illustrate.
In step 703, whether current account number obtains highest operation permission in SDK detection terminal.
Whether current account number corresponding to SDK detection terminal obtains highest operation permission, that is, judge currently to log in is Whether the account that unites is Root account, and since Root account has systematic highest permission, host system can connect around API Mouth directly accesses and monitors the second process of SDK, to have security risk.
Therefore, when api interface of the host program to SDK initializes, SDK needs to detect whether current account number obtains Highest runs permission, if testing result is that current account number obtains highest and runs permission, enters step 706b;If detection knot Fruit is that current account number does not obtain highest operation permission, then enters step 704, or enter step 706a.
In an alternative embodiment, due to obtain highest operation permission terminal can generate a SU binary system can File is executed, SDK judges whether current account number obtains most by the way that whether detection terminal has SU binary executable Height operation permission.
In step 704, SDK detects whether terminal is the virtual terminal of simulator.
SDK detects whether terminal is the virtual terminal of simulator.By the virtual terminal of simulator can around according to The Internet Security Standard that bad hardware plays a role, for example, host program can directly access and monitor the second of SDK around API Process, to have security risk.
Therefore, when initializing to api interface, SDK needs to detect whether present terminal is the virtual terminal of simulator, If testing result is the virtual terminal of simulator for present terminal, 706b is entered step;If testing result is present terminal It is not the virtual terminal of simulator, then enters step 705, or enter step 706a.
In an alternative embodiment, SDK is by calling the hardware component of terminal to judge whether terminal is simulator institute Virtual terminal, for example the hardware component of the terminals such as sensor, camera, gyroscope, bluetooth is called, if malloc failure malloc, Determine that terminal is the virtual terminal of simulator;If calling successfully, it is determined that terminal is entity hardware.
In step 705, whether corresponding first process of SDK detection host program is tracked.
Whether corresponding first process of SDK detection host program and/or the related process of SDK are tracked, if host's journey Corresponding first process of sequence is tracked, then when the first process calls api interface, is likely to result in information leakage, has safety Hidden danger.If SDK detects host program, corresponding first process is tracked, and enters step 706b;If SDK detects host's journey Corresponding first process of sequence is not tracked, then enters step 706a.
The system that tracing program Strace is commonly used to when tracking process executes is called and received signal.In Linux system System or android system in, process cannot direct access hardware devices, when process need access hardware devices (such as receive net Network data etc.) when, it is necessary to kernel mode is switched to by user mode, access hardware devices, Strace program are called by system The system that a process generates can be traced into call, including parameter, return value, the time for executing consumption etc., therefore, when first When process is tracked, Strace program can obtain the information saved in SDK around api interface.
In an alternative embodiment, SDK is by detecting whether terminal there is tracked information to judge that host program is corresponding The first process whether be tracked, if having tracked information, it is determined that corresponding first process of host program is tracked, if not having There is tracked information, it is determined that corresponding first process of host program is not tracked.
In step 706a, SDK passes through first the second process of process initiation.
After determining that currently running environment does not have security risk, SDK passes through first the second process of process initiation.
In step 706b, api interface initialization failure.
Meet after api interface of the host program to SDK initializes any one following, it is determined that at the beginning of api interface Beginningization failure: current account number obtains highest operation permission, the terminal terminal virtual for simulator, or, host program is corresponding The first process be tracked.
If api interface initialization failure, SDK returns to initialization failure information, host program corresponding the to host program One process is not capable of calling the api interface of SDK.
In step 707, corresponding first process of host program calls the api interface of SDK offer.
When the program function that user needs to provide using SDK, the relevant program function icon of host program, host are clicked Program receives the function that user's click program function icon generates and uses signal, is connect by the API that the first process calls SDK to provide Mouthful.Wherein, which is some program function icon in host program, the journey which provides Sequence function is the program function provided based on SDK, is not referred to all program functions in host program.
In step 708, the second process detection symmetric cryptographic key whether there is.
In corresponding second process of SDK according to calling before server acquisition target data, need to SDK and server Between symmetric cryptography code key detected.Firstly, whether there is symmetric cryptographic key in the second process detection SDK, and if it exists, Then enter step 709 or step 711;If it does not exist, then 710 are entered step.
In step 709, the second process detection symmetric cryptographic key there are durations whether to reach default effective time.
Usually, symmetric cryptographic key too long can increase the chance that cracks to attacker using the time.In order to guarantee to pacify Entirely, usual symmetric cryptographic key has certain timeliness, if it exceeds timeliness, then symmetric key can fail, and need to regenerate Symmetric key.
Therefore, whether duration existing for the symmetric cryptographic key in the second process detection SDK reaches preset effective time; If so, entering step 710;If it is not, then entering step 711.
In step 720, the second process negotiates the symmetric cryptography of this session by asymmetric encryption private key and server Key.
If the second process does not detect symmetric cryptographic key in SDK, and/or, pair of second process detection into SDK Claim encryption key to reach default effective time, then generate a random number, the random number by as symmetrical in this session plus Key.
Second process, to random number encryption, obtains the first encrypted result by the private key in asymmetric encryption in SDK.
Wherein, the second process obtains the first encryption knot by the private key in asymmetric encryption in SDK to random number encryption Fruit.In the embodiment of the present application, the communication between SDK and server is by the private key encryption in asymmetric encryption in SDK, by depositing Store up the public key decryptions in the asymmetric encryption of server end.When host program exploitation side obtains SDK from SDK provider, SDK In included private key in asymmetric encryption, and the public key storage in asymmetric encryption is in the server.
It, will after second process obtains the first encrypted result to random number encryption by the private key in asymmetric encryption in SDK First encrypted result is sent to server by wired or wireless network.
After server obtains the first encrypted result, added by storing the public key in asymmetric encryption in the server to first Close result decryption, obtains decrypted result.And according to the random number in decrypted result as key to be verified, and by key to be verified With this session identification by obtaining the second encrypted result after the public key encryption in asymmetric encryption.
After key to be verified and session identification are passed through the public key encryption in asymmetric encryption by server, the second encryption is obtained As a result after, the second encrypted result is sent to corresponding second process of SDK by wired or wireless network.
Corresponding second process of SDK is decrypted the second encrypted result by the private key in asymmetric encryption, is understood Words mark and key to be verified.
Corresponding second process of SDK after obtaining key to be verified, determine key to be verified whether with nonces match ( I.e. whether the two is identical), if key to be verified and nonces match, add the key to be verified as the symmetrical of this session Key.
In an alternative embodiment, it whether there is GUID in the second process detection terminal, if the second process is not examined Measure the corresponding GUID of terminal, then facility information be sent to server, server according to the GUID of facility information registration terminal, Wherein, facility information includes but is not limited to: device identification, OS Type, operating system version number, environment of currently surfing the Internet Type at least one of is currently located geographical location;If the second process detection is entered step to the corresponding GUID of terminal 711。
In step 711, the second process obtains target from server by the encrypted session connection of symmetric cryptographic key Data.
It after second process obtains the symmetric cryptographic key of this session, sends and requests to server, the request is for clothes Device request transmission target data of being engaged in is added target data by symmetric cryptographic key after server receives the request of the second process Corresponding second process of SDK is sent to after close.
In step 712, the second process provides program function to the first process according to target data.
After second process obtains the encrypted target data of symmetric cryptographic key, by symmetric cryptographic key to encrypted Target data is decrypted, and obtains target data, provides program function to the first process by target data.
In conclusion in the embodiment of the present application, by by corresponding second process of SDK independently of host corresponding first into It except journey, solves in the related technology since SDK is run in host process, host program can be relatively easily broken to SDK The technical issues of solution, since host program can only use the program function of SDK by the api interface for calling SDK to provide, and cannot Directly corresponding second process of access SDK, therefore host program can not listen to the operating condition and SDK and server of SDK Between the data packet that communicates, improve the safety of SDK
Further, in the embodiment of the present application, by right before corresponding first process of host program calls api interface Whether api interface initialization has peace by the running environment of the corresponding first process detection api interface of host program by SDK Full hidden danger solves under the running environment with security risk, and host program calls safety caused by the api interface of SDK Potential problem further improves the safety of SDK.
Further, in the embodiment of the present application, by by rivest, shamir, adelman in conjunction with symmetric encipherment algorithm, Mei Geyi Asymmetric encryption is used to negotiate encryption key between corresponding second process of SDK and server by the section time, and symmetric cryptography is used for Session data packet between the second process corresponding to SDK and server encrypts, solve each session only pass through it is non-right Claim computationally intensive problem caused by encryption, or, session only passes through the low problem of security performance caused by symmetric cryptography every time, On the basis of calculation amount is small, the safety of session between corresponding second process of SDK and server is improved.
Referring to FIG. 8, the device block diagram of the program running gear provided it illustrates another embodiment of the application.This reality Example is applied so that the program running gear is applied in terminal 140 as shown in Figure 1 as an example, which includes host program module 801 With SDK module 802, operation has the first process in host program module 801, and operation has the second process in SDK module, wherein place Main program module 801 is the program module that secondary development is carried out based on SDK module 802.
Host program module 801, for starting the first process when receiving program enabling signal;Pass through the first process Start the second process;When receiving function using signal, the api interface of SDK module offer is called by the first process;
SDK module 802, for obtaining target data from server according to calling by the second process;According to target data Program function is provided to the first process.
In an alternative embodiment, host program module 801 is also used to:
The api interface of SDK module 802 is initialized after actuation;
SDK module 802 is also used to when api interface of the host program module 801 to SDK module 802 initializes, It whether there is security risk by the running environment in the first process detection terminal;When security risk is not present in running environment, Start the second process.
In an alternative embodiment, SDK module 802 is also used to, and passes through current account number in the first process detection terminal Whether highest operation permission is obtained;
And/or;
Whether SDK module 802 is also used to, be the virtual terminal of simulator by the first process detection terminal;
And/or;
Whether SDK module 802 is also used to, be tracked by corresponding first process of the first process detection host program.
In an alternative embodiment, SDK module 802 is also used to:
Negotiate the symmetric cryptographic key of this session by asymmetric encryption private key and server by the second process;
By the second process by the encrypted session connection of symmetric cryptographic key, target data is obtained from server.
In an alternative embodiment, SDK module 802 is also used to:
Random number is generated by the second process;
Random number is encrypted by asymmetric encryption private key by the second process, obtains the first encrypted result;
The first encrypted result is sent to server by the second process;
The second encrypted result that server is sent is received by the second process;
The second ciphering process is decrypted by asymmetric encryption private key by the second process, obtain session identification and to Authentication secret;
Through the second process when determining random number and cipher key match to be verified, key to be verified is determined as this session Symmetric cryptographic key.
In an alternative embodiment, SDK module 802 is also used to:
By second process symmetric cryptographic key there are when it is long reach be preset with effect duration when, again through asymmetric Encryption key and server negotiate next symmetric cryptographic key.
Fig. 9 is referred to, it illustrates the structural block diagrams of terminal provided by one embodiment of the present invention.The terminal includes: place Manage device 901, memory 902 and network interface 903.
Network interface 903 is connected by bus or other means with processor 901, for receiving the target of server transmission Data or the second encrypted result, or, for sending the first encrypted result to server.
Processor 901 can be central processing unit (English: central processing unit, CPU), network processes The combination of device (English: network processor, NP) or CPU and NP.Processor 801 can further include hardware Chip.Above-mentioned hardware chip can be specific integrated circuit (English: application-specific integrated Circuit, ASIC), programmable logic device (English: programmable logic device, PLD) or combinations thereof.It is above-mentioned PLD can be Complex Programmable Logic Devices (English: complex programmable logic device, CPLD), scene Programmable gate array (English: field-programmable gate array, FPGA), Universal Array Logic (English: Generic array logic, GAL) or any combination thereof.
Memory 902 is connected by bus or other means with processor 901, is stored at least one in memory 902 Instruction, at least a Duan Chengxu, code set or instruction set, above-mentioned at least one instruction, at least a Duan Chengxu, code set or instruction set It is loaded by processor 901 and is executed to realize the program operating method such as Fig. 2, Fig. 5, Fig. 6 or Fig. 7.Memory 902 can be easy The property lost memory (English: volatile memory), nonvolatile memory (English: non-volatile memory) or Their combination.Volatile memory can be random access memory (English: random-access memory, RAM), example Such as static random access memory (English: static random access memory, SRAM), dynamic random access memory Device (English: dynamic random access memory, DRAM).Nonvolatile memory can be read-only memory (English Text: read only memory image, ROM), such as programmable read only memory (English: programmable read Only memory, PROM), Erasable Programmable Read Only Memory EPROM (English: erasable programmable read only Memory, EPROM), electrically erasable programmable read-only memory (English: electrically erasable Programmable read-only memory, EEPROM).Nonvolatile memory may be flash memory (English: Flash memory), magnetic memory, for example (,) tape (English: magnetic tape), floppy disk (English: floppy disk), firmly Disk.Nonvolatile memory may be CD.
It is a kind of computer-readable in the storage medium the embodiment of the present application also provides a kind of computer readable storage medium Storage medium is stored at least one instruction, at least a Duan Chengxu, code set or instruction set in storage medium, and at least one refers to It enables, an at least Duan Chengxu, code set or instruction set is loaded as processor and executed to realize as shown in Fig. 2, Fig. 5, Fig. 6 or Fig. 7 Program operating method, optionally, which includes high speed access storage, nonvolatile memory.
It should be understood that referenced herein " multiple " refer to two or more."and/or", description association The incidence relation of object indicates may exist three kinds of relationships, for example, A and/or B, can indicate: individualism A exists simultaneously A And B, individualism B these three situations.Character "/" typicallys represent the relationship that forward-backward correlation object is a kind of "or".
Above-mentioned the embodiment of the present application serial number is for illustration only, does not represent the advantages or disadvantages of the embodiments.
Those of ordinary skill in the art will appreciate that realizing that all or part of the steps of above-described embodiment can pass through hardware It completes, relevant hardware can also be instructed to complete by program, the program can store in a kind of computer-readable In storage medium, storage medium mentioned above can be read-only memory, disk or CD etc..
The foregoing is merely the preferred embodiments of the application, not to limit the application, it is all in spirit herein and Within principle, any modification, equivalent replacement, improvement and so on be should be included within the scope of protection of this application.

Claims (14)

1. a kind of program operating method, which is characterized in that applied in the terminal for being equipped with host program, the host program is The program of secondary development is carried out based on SDK, which comprises
When receiving program enabling signal, the host program starts the first process;
For the host program by corresponding second process of SDK described in first process initiation, second process is independent Process except first process;
When receiving function using signal, the host program is connect by the API that first process calls the SDK to provide Mouthful;
Second process obtains target data according to described call from server;
Second process provides program function to first process according to the target data.
2. the method according to claim 1, wherein the host program passes through described in first process initiation Corresponding second process of SDK, comprising:
When the host program after actuation initializes the api interface of the SDK, the SDK passes through described Running environment in terminal described in first process detection whether there is security risk;
When security risk is not present in the running environment, the SDK passes through the second process described in first process initiation.
3. according to the method described in claim 2, it is characterized in that, the SDK passes through terminal described in first process detection In running environment whether there is security risk, comprising:
The SDK runs permission by the way that whether account number current in terminal described in first process detection obtains highest;
And/or;
Whether the SDK is the virtual terminal of simulator by terminal described in first process detection;
And/or;
Whether the SDK is tracked by corresponding first process of host program described in first process detection.
4. method according to any one of claims 1 to 3, which is characterized in that second process is called according to described from clothes Business device obtains target data, comprising:
Second process negotiates the symmetric cryptographic key of this session by asymmetric encryption private key and the server;
Second process obtains the target by the encrypted session connection of the symmetric cryptographic key, from the server Data.
5. according to the method described in claim 4, it is characterized in that, second process by asymmetric encryption private key with it is described Server negotiates the symmetric cryptographic key of this session, comprising:
Second process generates random number;
Second process encrypts the random number by the asymmetric encryption private key, obtains the first encrypted result;
First encrypted result is sent to the server by second process;
Second process receives the second encrypted result that the server is sent;
Second process is decrypted second ciphering process by the asymmetric encryption private key, obtains session identification With key to be verified;
The key to be verified is determined as by second process when determining the random number and the cipher key match to be verified The symmetric cryptographic key of this session.
6. according to the method described in claim 5, it is characterized in that, second process by asymmetric encryption private key with it is described Server is negotiated after the symmetric cryptographic key of this session, further includes:
Second process the symmetric cryptographic key there are when it is long reach be preset with effect duration when, again through described non- Symmetric cryptography private key and the server negotiate next symmetric cryptographic key.
7. a kind of program running gear, applied to include host program module terminal in, which is characterized in that described device includes The host program module and SDK module, the host program module are that the program of secondary development is carried out based on the SDK module Module, operation has the first process in the host program module, and operation has the second process in the SDK module, described second into Except journey is independently of first process;
The host program module, for starting first process when receiving program enabling signal;Pass through described first Second process described in process initiation;When receiving function using signal, the SDK is called to provide by first process Api interface;
The SDK module, for obtaining target data according to described call from server by second process;According to described Target data provides program function to first process.
8. device according to claim 7, which is characterized in that
The host program module is also used to after actuation initialize the api interface of the SDK module;
The SDK module is also used to initialize the api interface of the SDK module when the host program module When, security risk whether there is by the running environment in terminal described in first process detection;When the running environment not There are when security risk, start second process.
9. device according to claim 8, which is characterized in that
The SDK module is also used to whether obtain highest fortune by account number current in terminal described in first process detection Row permission;
And/or;
Whether the SDK module is also used to through terminal described in first process detection be the virtual terminal of simulator;
And/or;
Whether the SDK module is also used to be chased after by corresponding first process of host program described in first process detection Track.
10. device according to any one of claims 7 to 9, which is characterized in that
The SDK module is also used to negotiate this by asymmetric encryption private key and the server by second process The symmetric cryptographic key of session;
The SDK module, is also used to through second process through the encrypted session connection of the symmetric cryptographic key, from The server obtains the target data.
11. device according to claim 10, which is characterized in that
The SDK module is also used to generate random number by second process;It is described non-right to be passed through by second process Claim encryption key to encrypt the random number, obtains the first encrypted result;Described first is added by second process Close result is sent to the server;The second encrypted result that the server is sent is received by second process;Pass through Second process is decrypted second ciphering process by the asymmetric encryption private key, obtain session identification and to Authentication secret;It, will be described to be verified through second process when determining the random number and the cipher key match to be verified Key is determined as the symmetric cryptographic key of this session.
12. device according to claim 11, which is characterized in that
The SDK module be also used to by second process the symmetric cryptographic key there are when it is long reach be preset with effect When duration, negotiate next symmetric cryptographic key again through the asymmetric encryption private key and the server.
13. a kind of terminal, which is characterized in that the terminal includes processor and memory, is stored at least in the memory One instruction, at least a Duan Chengxu, code set or instruction set, at least one instruction, an at least Duan Chengxu, the generation Code collection or instruction set are loaded by the processor and are executed to realize program operating method as claimed in claim 1 to 5.
14. a kind of computer readable storage medium, which is characterized in that be stored at least one instruction, institute in the storage medium Instruction is stated to be loaded by processor and executed to realize program operating method as claimed in claim 1 to 5.
CN201710884605.5A 2017-09-26 2017-09-26 Program running method and device, terminal and readable medium Active CN109558739B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710884605.5A CN109558739B (en) 2017-09-26 2017-09-26 Program running method and device, terminal and readable medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710884605.5A CN109558739B (en) 2017-09-26 2017-09-26 Program running method and device, terminal and readable medium

Publications (2)

Publication Number Publication Date
CN109558739A true CN109558739A (en) 2019-04-02
CN109558739B CN109558739B (en) 2022-04-15

Family

ID=65863066

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710884605.5A Active CN109558739B (en) 2017-09-26 2017-09-26 Program running method and device, terminal and readable medium

Country Status (1)

Country Link
CN (1) CN109558739B (en)

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111475423A (en) * 2020-06-29 2020-07-31 深圳市珍爱云信息技术有限公司 Data entry method and device, electronic equipment and readable storage medium
WO2021036450A1 (en) * 2019-08-27 2021-03-04 苏宁云计算有限公司 Simulator detection method and system
CN112948824A (en) * 2021-03-31 2021-06-11 支付宝(杭州)信息技术有限公司 Program communication method, device and equipment based on privacy protection
CN113282906A (en) * 2020-02-20 2021-08-20 Oppo广东移动通信有限公司 Permission detection method, device, terminal and storage medium
CN114071628A (en) * 2022-01-06 2022-02-18 深圳佑驾创新科技有限公司 Terminal communication method and device based on android system and storage medium
CN114827252A (en) * 2022-04-22 2022-07-29 深圳市六度人和科技有限公司 Third-party call general method, device, system, terminal equipment and storage medium

Citations (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030023774A1 (en) * 2001-06-14 2003-01-30 Gladstone Philip J. S. Stateful reference monitor
CN1609792A (en) * 2003-10-24 2005-04-27 微软公司 Programming interface for a computer program
CN102109986A (en) * 2009-12-23 2011-06-29 阿里巴巴集团控股有限公司 Method, system and device for providing connection serial numbers and connecting plugins
CN103002445A (en) * 2012-11-08 2013-03-27 张维加 Safe mobile electronic equipment for providing application services
CN103631664A (en) * 2013-12-09 2014-03-12 北京奇虎科技有限公司 Inter-process communication method and device
CN104468592A (en) * 2014-12-12 2015-03-25 北京百度网讯科技有限公司 Login method and system
CN104536776A (en) * 2014-11-28 2015-04-22 百度在线网络技术(北京)有限公司 Method and device for running plug-in application in plug-in running environment at host end
CN105159786A (en) * 2015-07-03 2015-12-16 北京奇虎科技有限公司 Method and device for inter-process communication
CN105912930A (en) * 2016-04-11 2016-08-31 北京奇虎科技有限公司 Mobile terminal and system resource safety control method thereof
CN106162538A (en) * 2015-03-19 2016-11-23 孙夫雄 Long distance control system and method for mobile terminal
CN106293821A (en) * 2016-08-03 2017-01-04 北京奇虎科技有限公司 Obtain and transmission application data, the method and device of operation application program

Patent Citations (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030023774A1 (en) * 2001-06-14 2003-01-30 Gladstone Philip J. S. Stateful reference monitor
CN1609792A (en) * 2003-10-24 2005-04-27 微软公司 Programming interface for a computer program
US20050091576A1 (en) * 2003-10-24 2005-04-28 Microsoft Corporation Programming interface for a computer platform
CN102109986A (en) * 2009-12-23 2011-06-29 阿里巴巴集团控股有限公司 Method, system and device for providing connection serial numbers and connecting plugins
CN103002445A (en) * 2012-11-08 2013-03-27 张维加 Safe mobile electronic equipment for providing application services
CN103631664A (en) * 2013-12-09 2014-03-12 北京奇虎科技有限公司 Inter-process communication method and device
CN104536776A (en) * 2014-11-28 2015-04-22 百度在线网络技术(北京)有限公司 Method and device for running plug-in application in plug-in running environment at host end
CN104468592A (en) * 2014-12-12 2015-03-25 北京百度网讯科技有限公司 Login method and system
CN106162538A (en) * 2015-03-19 2016-11-23 孙夫雄 Long distance control system and method for mobile terminal
CN105159786A (en) * 2015-07-03 2015-12-16 北京奇虎科技有限公司 Method and device for inter-process communication
CN105912930A (en) * 2016-04-11 2016-08-31 北京奇虎科技有限公司 Mobile terminal and system resource safety control method thereof
CN106293821A (en) * 2016-08-03 2017-01-04 北京奇虎科技有限公司 Obtain and transmission application data, the method and device of operation application program

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
王慧敏: "微内核操作系统MINIX3消息机制的研究与改进", 《中国优秀硕士学位论文全文数据库 信息科技辑》 *

Cited By (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2021036450A1 (en) * 2019-08-27 2021-03-04 苏宁云计算有限公司 Simulator detection method and system
CN113282906A (en) * 2020-02-20 2021-08-20 Oppo广东移动通信有限公司 Permission detection method, device, terminal and storage medium
CN113282906B (en) * 2020-02-20 2024-05-03 Oppo广东移动通信有限公司 Authority detection method, device, terminal and storage medium
CN111475423A (en) * 2020-06-29 2020-07-31 深圳市珍爱云信息技术有限公司 Data entry method and device, electronic equipment and readable storage medium
CN112948824A (en) * 2021-03-31 2021-06-11 支付宝(杭州)信息技术有限公司 Program communication method, device and equipment based on privacy protection
CN112948824B (en) * 2021-03-31 2022-04-26 支付宝(杭州)信息技术有限公司 Program communication method, device and equipment based on privacy protection
CN114071628A (en) * 2022-01-06 2022-02-18 深圳佑驾创新科技有限公司 Terminal communication method and device based on android system and storage medium
CN114071628B (en) * 2022-01-06 2022-04-26 深圳佑驾创新科技有限公司 Terminal communication method and device based on android system and storage medium
CN114827252A (en) * 2022-04-22 2022-07-29 深圳市六度人和科技有限公司 Third-party call general method, device, system, terminal equipment and storage medium

Also Published As

Publication number Publication date
CN109558739B (en) 2022-04-15

Similar Documents

Publication Publication Date Title
CN109558739A (en) Program operating method, device, terminal and readable medium
US10554420B2 (en) Wireless connections to a wireless access point
CN106716914B (en) Secure key management for roaming protected content
US8261091B2 (en) Solid-state memory-based generation and handling of security authentication tokens
CN106878245B (en) Graphic code information providing and obtaining method, device and terminal
WO2019218919A1 (en) Private key management method and apparatus in blockchain scenario, and system
CN108429719B (en) Key protection method and device
TWI791050B (en) Data transmission method and system
JP7009393B2 (en) Use hardware-based secure isolated areas to prevent piracy and fraud on electronic devices
JP6015162B2 (en) Terminal device, information processing system, information processing method, and program
US11470060B2 (en) Private exchange of encrypted data over a computer network
CN109756447A (en) A kind of safety certifying method and relevant device
CN108200078B (en) Downloading and installing method of signature authentication tool and terminal equipment
US10045212B2 (en) Method and apparatus for providing provably secure user input/output
CN113557703A (en) Authentication method and device for network camera
CN104243452B (en) A kind of cloud computing access control method and system
CN111181831B (en) Communication data processing method and device, storage medium and electronic device
KR101541165B1 (en) Mobile message encryption method, computer readable recording medium recording program performing the method and download server storing the method
EP3720042B1 (en) Method and device for determining trust state of tpm, and storage medium
CN112004201A (en) Short message sending method and device and computer system
CN114422237B (en) Data transmission method and device, electronic equipment and medium
CN110457959B (en) Information transmission method and device based on Trust application
KR102474897B1 (en) A virtual private network generating method providing the virtual private network by exchanging encapsulated key based on post quantum cryptography algorithm and a virtual private network operating system performing the same
JP2015138336A (en) Management method of electronic data, program therefor, and recording medium for program
KR102474899B1 (en) A virtual private network generating method based on post quantum cryptography algorithm and a virtual private network operating system performing the same

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant